• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.647-659
• /
• 2023

As digital evidence becomes more important in criminal investigations, disputes are increasing in court. As media diversifies and the scope of analysis expands, the level of expertise in digital forensics is also increasing. However, no competency model has been developed to define the capabilities of digital evidence examiners or to judge their expertise. There have been some studies that have derived the capabilities necessary for digital evidence examiner, but they are still insufficient. Therefore, in this study, 25 competency evaluation factors in a total of 9 competency groups were defined using methodologies such as expert FGI and Delphi survey. Specifically, it was defined as Digital Forensics Theory, Digital Evidence Collection&Management, Disk Forensics, Mobile Forensics, Video Forensics, infringement forensics, DB Forensics, Embedded(IoT) Forensics, and Cloud Forensics. The digital evidence examiner competency model is expected to be used in various fields such as recruitment, education and training, and performance evaluation in the future.

• KNOM Review
• /
• v.22 no.1
• /
• pp.11-19
• /
• 2019

As technology develops, the latest security threats on the network applied to users are increasing. By attacking industrial or corporate systems with malicious purposes, hackers cause many social problems such as confidential information leakage, cyber terrorism, infringement of information assets, and financial damage. Due to the complex and diversified threats, the current security personnel alone are not enough to detect and analyze all threats. In particular, the Supervisory Control And Data Acquisition (SCADA) used in industrial infrastructures that collect, analyze, and return static data 24 hours a day, 265 days a year, is very vulnerable to real-time security threats. This paper introduces security information and event management (SIEM), a powerful integrated security management system that can monitor the state of the system in real time and detect security threats. Next, we compare SIEM solutions from various companies with the open source SIEM (OSSIM) from AlienVault, which is distributed as an open source, and present cases using the OSSIM and how to utilize it.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.3
• /
• pp.421-426
• /
• 2023

Among artificial intelligence convergence technologies, Chatbot is an artificial intelligence-based interactive system and refers to a system that can provide interaction with humans. Chatbots are being re-examined as chatbots develop into NLP, NLU, and NLG. However, artificial intelligence chatbots can provide biased information based on learned data and cause serious damage such as privacy infringement and cybersecurity concerns, and it is essential to understand artificial intelligence technology and foster AI literacy. With the continued evolution and universalization of artificial intelligence, AI Literacy will also expand its scope and include new areas. This study is meaningful in raising awareness of artificial intelligence technology and proposing the use of human respect technology that is not buried in technology by cultivating human AI literacy capabilities.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.5
• /
• pp.65-75
• /
• 2009

The development of IT technology, Internet popularity is increasing geometrically. However, as its side effect, the intrusion behaviors such as information leakage for key system and infringement of computation network etc are also increasing fast. The attack traffic detection method which is suggested in this study utilizes the Snort, traditional NIDS, filters the packet with false positive among the detected attack traffics using Nmap information. Then, it performs the secondary filtering using nessus vulnerability information and finally performs correlation analysis considering appropriateness of management system, severity of signature and security hole so that it could reduce false positive alarm message as well as minimize the errors from false positive and as a result, it raised the overall attack detection results.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.2
• /
• pp.219-228
• /
• 2022

One of the most pressing and demanding issues today in the conditions of widespread transformation and digitalization of spheres of human activity is information security and ensuring the integrity of data. The main research and development in the field of information security is aimed at improving efficiency and rationalization. One of the main means of data transmission and operation of information complexes are fiber-optic systems. To date, there have been incidents of illegal intrusion and theft of information, passing through this type of communication. Thus, today there is a problem associated with insufficient information security in fiber-optic data transmission systems. One of the most effective tools to counter acts of illegal interference in systems are artificial intelligence and cryptographic algorithms of information protection. It is the symbiosis of these two tools that can qualitatively improve the level of information security in fiber-optic data transmission systems. Thus, the authors of this article pursue the goal associated with the description of an innovative system for protecting information from violations in fiber-optic data transmission systems based on the integration of intelligent cryptographic algorithms.

• Korea Trade Review
• /
• v.42 no.3
• /
• pp.123-142
• /
• 2017

This study is to investigate Right to Chinese Name for Foreigners under Trademark Law of the People's Republic of China. The basketball star Michael Jordan sued Qiaodan Sports in 2012, saying the company had built its business around his Chinese name read as Qiaodan in Chinese without his permission. The Chinese supreme court ruled that the trademark for Jordan's Chinese name should be returned to China's State Administration for Industry and Commerce to be re-awarded, and it means Qiaodan Sports Co. must stop using the Chinese characters for Qiaodan on its merchandise. However, the court rejected Jordan's claim to the romanized or pinyin form of the name "Qiaodan," saying in its judgment that this version may not be closely linked with him. People who want to claim the right to Chinese name, he/she must prove the specific name has linked with him/her. Furthermore, he/she must prove the Chinese firm's actions had displayed "malicious intent" by registering trademarks for his/her Chinese name. The courts approve infringement by Chinese firm and stop to use his/her name in the country.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.578-579
• /
• 2021

According to a survey on the infringement of SMEs, the level of technology protection capability is improving every year, but technology leaks and damage continue to occur. This shows that there is a need for a security management and supervision system that can strengthen the security awareness of SME executives and employees and maintain the security level continuously. The Personal Information & Information Security Management System(ISMS-P) authentication systems is the latest related standard, which has the problem of applying the same certification criteria without considering the types of certification target organizations such as ISPs, IDC, hospitals and schools, and SMEs.. In this paper, 73 evaluation items that can be specialized and applied to SMEs were derived by referring to ISMS-P certification and Personal Information Protection Management System (PIMS) certification. The results of the study show that the number of evaluation items decreased by 28.4% compared to the existing ISMS-P certification.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.99-107
• /
• 2022

The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.121-130
• /
• 2022

Recently, as soldiers are allowed to use mobile phones, cases are frequently transferred from the police to the military due to criminal acts, and digital evidence is collected separately from the reliability of previous investigations, such as overlapping seizure and search procedures. In this study, through in-depth interviews with practitioners in charge of digital evidence in the military, police, and courts, problems related to digital evidence handling, such as infringement of evidence ability due to overlapping human factors and procedures, are derived and analyzed. The presented procedure verified the effectiveness of the procedure through case analysis, and is expected to contribute to the guarantee of the evidence capacity of digital evidence and the efficiency of handling cases.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.59-66
• /
• 2022

Recently, smart home technology has been developed with a great response due to the convenience of home automation. Smart home technology provides various services by connecting various Internet of Things (IoT) and sensors to a home network through wired/wireless networks. In addition, the smart home service easily and conveniently controls lighting, energy, environment, and door cameras through a wall pad. However, while it has become a social issue due to the recent hacking accident of wall pads, personal information leakage and privacy infringement are expected. Accordingly, it is necessary to prepare preventive and countermeasures against security vulnerability factors of wall pads. Therefore, this study expects that it can be used as basic data for future smart home application and response technology development by examining the weak causes and countermeasures related to wall pads.